The Week in Breach News: 01/04/23 – 01/10/23

Five Guys

https://www.jdsupra.com/legalnews/five-guys-enterprises-llc-announces-3894616/

Exploit: Hacking
Five Guys: Restaurant Chain

Risk to Business: 2.776 = Moderate
Quick service burger chain Five Guys has disclosed a data breach. The company filed data breach notifications in Texas, Massachusetts and Montana.  Five Guys said that on September 17, 2022, they learned that “an unauthorized party” may have gained access to its computer system. Five Guys later determined that some of the compromised files contained sensitive information belonging to individuals who had previously applied for a job with the company. Exposed information varies depending on the individual and may include names, Social Security numbers, driver’s license numbers and financial account information.

How It Could Affect Your Business: This could end up being an expensive incident for Five Guys even with such a small number of folks impacted because of the sensitivity of the data.

SAIF

https://www.oregonlive.com/business/2023/01/saif-says-data-breach-may-have-compromised-social-security-numbers-medical-information.html

Exploit: Hacking

SAIF: Insurer

Risk to Business: 2.201 = Severe
SAIF, a not-for-profit organization that serves as Oregon’s leading provider of workers’ compensation coverage, has experienced a data breach. The organization maintains that some of the information was at least two decades old, according to the organization, but some who filed claims in September and October may have had medical information compromised. SAIF has notified impacted parties by mail and offered them free ID theft and monitoring service for a year. SAIF said its breach occurred on October 24, 2022, and it notified customers on December 8, 2022.

How It Could Affect Your Business: Insurers are juicy targets for the bad guys because they hold so much valuable data.

Cott Systems

https://www.bankinfosecurity.com/cyberattack-on-records-vendor-affects-scores-us-counties-a-20856

Exploit: Hacking

Cott System: Business Services

Risk to Business: 1.227 = Extreme
Cott Systems, a company that handles records management for more than 400 U.S. local and regional governments, has experienced a data breach. The company was forced to shut down its servers which hold government data including public records, land records and court cases. That resulted in hundreds of local governments being forced to resort to manual processes, slowing down the processing of birth certificates, marriage licenses and real estate transactions. Cott Systems says that it has no indication that data has been compromised.

How It Could Affect Your Business: This is a disaster for many governments that could severely damage Cott Systems’ government contracting future.

Robins & Morton Group

https://www.jdsupra.com/legalnews/the-robins-morton-group-files-notice-of-5035278/

Exploit: Hacking
Robins & Morton Group: Construction Company

Risk to Business: 2.981 = Moderate
Alabama-based construction firm Robins & Morton, a major construction operation in the Southeastern U.S., has disclosed that it has experienced a data security incident in which unauthorized parties accessed its data. The company said that the event took place on October 16, 2022, and that the intruders were able to continue accessing the network until the following day. Some of the files that were compromised contained confidential information belonging to certain consumers. The company said that it sent data breach notifications to affected parties in December 2022.

How It Could Affect Your Business: Infrastructure-related companies like construction firms have been hard hit by cybercrime for the last two years.

United Kingdom – Pates Grammar School

https://www.devonlive.com/news/devon-news/devon-school-hit-cyber-attack-8000342

Exploit: Ransomware

Pates Grammar School: Educational Institution

Risk to Business: 1.643 = Severe
The BBC reports that 14 UK schools, including Pates Grammar School, have fallen victim to a spate of cyberattacks by the Vice Society ransomware group. The attack on Pates took place on September 28, 2022. The gang obtained sensitive data about students including children’s SEN information, child passport scans, staff pay scales and contract details from students enrolled in 2021 & 2022. BBC writers say that they’ve seen data from 14 UK primary and secondary schools purportedly snatched by Vice Society. The incidents are still under investigation.

How it Could Affect Your Business: The education sector has been a favored target of ransomware groups since the start of the COVID-19 pandemic and they’re not slowing down.

France – Deezer

https://www.musicbusinessworldwide.com/deezer-admits-data-breach-that-potentially-exposed-over-220-million-users-info/

Exploit: Hacking

Deezer: Streaming Platform

Risk to Business: 1.603 = Severe
France-based music-streaming platform Deezer has experienced a data breach that has potentially compromised the information of over 220 million users. The company said that the breach took place in November 2022. “The data in question had been handled by a 3rd party partner that we haven’t worked with since 2020, and it was this partner that experienced the breach. Deezer’s security systems remain effective, and our own databases are secure,” Deezer said in a statement. Exposed user data includes basic information such as first and last names, date of birth and email addresses.

How it Could Affect Your Business: Consumers aren’t going to want to become users of a platform that can’t keep their data safe.
 

Australia – Queensland University of Technology (QUT)

https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-queensland-university-of-technology/
Exploit: Ransomware

Queensland University of Technology (QUT): Institution of Higher Learning

Risk to Business: 1.904 = Severe
The Royal ransomware gang is responsible for a ransomware attack on the Queensland University of Technology. QUT disclosed the cyberattack on January 1st, 2023, warning students and academic staff of inevitable service disruptions resulting from the security incident. The HiQ website, ‘Digital Workplace’, ‘eStudent’, and Blackboard systems are unavailable. Many other systems are also unavailable like network drive folders, including ‘U Drive’ and the printing network. Access via VPN using Cisco AnyConnect have been disabled until further notice. QUT said that it did not believe that any data was stolen, but Royal has leaked a variety of data like HR files, email and letter communications, ID cards and documents, and financial and administrative documents.

How it Could Affect Your Business: Education is a time-sensitive industry, making it especially attractive to ransomware gangs.

India – Toyota Kirloskar Motor (TKM)

https://gbhackers.com/toyota-discloses-data-breach/

Exploit: Employee Mistake

Toyota Kirloskar Motor (TKM): Carmaker

Risk to Business: 2.103 = Severe
Toyota Motor Corporation has revealed a data breach that may have compromised the personal information of its customers by its Toyota Kirloskar Motor (TKM) division in India. Toyota said that the breach occurred because of an error by a website development subcontractor who mistakenly uploaded part of the source code to their public GitHub account. The company disclosed that the incident might have exposed the personal information TKM’s customers. An estimated 296,000 users of T-Connect who signed up between July 2017 and September 2022 may have had data exposed.

How it Could Affect Your Business: Employee mistakes are the cause of so many expensive disasters that security awareness training can help prevent.